Why Cloud? Secure. Private. Resilient. Open.

Full text

(1)

© 2013 IBM Corporation

Why Cloud?

Secure. Private. Resilient. Open.

Dr. Matthias Kaiserswerth

(2)

On today’s Smarter Planet, businesses globally are challenged to

innovate while managing an unprecedented rate of change.

200 Billion

62%

60,000

of workloads will

cyber attacks

physical assets

1 Billion

(3)

© 2013 IBM Corporation

3

Organizations must balance optimization with innovation to enable new

product and service models

New economics of IT

fuels investments in

innovation

Innovation drives

need for continuous

IT

optimization

Optimization

Innovation

Next Generation

of Hybrid

Architectures

(4)

Communication Between LB and LE

Traditional Operating Model

Public (IaaS-Operating Model)

«traditionelles»

Betriebsmodell

IaaS

Betriebsmodell

43 "Instance": { 44 "Type" : "AWS::EC2::Instance", 45 "Properties" : {

46 "SecurityGroups" : [{"Ref": "sgInternal"},{"Ref": "sgExternal"},{"Ref": "sgInstance"}], 47 "KeyName" : "default",

48 "AvailabilityZone" : {"Ref": "availabilityZone"}, 49 "InstanceType" : { "Ref": "instanceType" }, 50 "ImageId" : { "Ref": "amiid" },

51 "Tags":[

52 {"Key":"CFN", "Value":"cfn std instance.json"} 53 ],

54 "UserData": { "Fn::Base64": { "Fn::Join": ["", [ 55 "#!/bin/bash\n",

56 "export PATH='/bin:/sbin:/usr/bin:/usr/sbin'\n",

57 "echo 'deb http://pkg.camptocamp.net/staging squeeze sysadmin' >> /etc/apt/sources.list\n",

58 "apt get update\n",

59 "apt get install y force yes python aws cfn bootstrap\n", 60 "/usr/bin/curl insecure https://get

puppet:quooHae2zohy@dashboard.bgdi.admin.ch/scripts/install puppet.bash | bash\n",

61 "/usr/bin/cfn signal e 0 r 'Basic configuration completed' '", { "Ref" : "WaitHandle" }, "'\n" 62 ]]} 63 } 64 }

Code / API

(Datacenter Abstraktion)

diverse Kanäle

Various Channels

Code / API <

(5)

© 2013 IBM Corporation

Main differences between the Two Operating Models

5

source: Hanspeter Christ, swisstopo

Traditional Operating Model

Public (IaaS-Operating Model)

8

Hanspeter Christ

swisstopo

geo.admin.ch: Agilität und Performance aus der Public Cloud

Workshop «Cloud Computing in Bildung und Forschung», Dienstag, 23. April 2013, Haus der Universität Bern

Kundenspezifische

Infrastruktur

Kunde kann/muss in der Regel zwischen

versch. Hardware Optionen wählen

Support

durch LE

CapEx und OpEx

Infrastruktur Rollout

nicht vollständig

automatisierbar

Infrastruktur

nicht revisionierbar

in SW

Repository

nicht reproduzierbar

(neuer Server up and

running in Wochen bis Stunden)

Sicherheit und Verfügbarkeit leidet

unter

manuellen Interaktionen

langsame Releasezyklen

Klare Trennung zwischen Projekt und

Betrieb

, sowohl inhaltlich wie

organisatorisch

Hauptunterschiede der beiden Betriebsmodelle

«traditionelles»

Betriebsmodell

(Public) IaaS

Betriebsmodell

“Take it or leave it”

Infrastruktur

(limited

choice)

Hardware Ressourcen vollständig über API

abstrahiert

Support

durch LE und Community

Innovationsfreundliches

Pay as you go

Modell

Infrastruktur Rollout

vollständig

automatisierbar

Infrastruktur

revisionierbar dokumentiert

in

SW Repository

reproduzierbar

(neuer Server up and running

in Minuten)

Sicherheit und Verfügbarkeit

steigt dank

hohem Automatisierungsgrad

schnelle Releasezyklen

Grenzen zwischen Projekt

und Betriebsteam

lösen sich auf (

DevOps

)

(6)

Enable new business

models and client

relationships

Deliver secure IT without

boundaries

Improve the agility and

dexterity of business

Speed delivery of product

and service innovation

Leveraging the transformational power of Cloud computing

(7)

© 2013 IBM Corporation

Clouds Come in All Shapes and Sizes

7

Cloud

Enabled

Data Center

(IaaS)

Cloud

Platform

Services

(PaaS)

Cloud

Service

Provider

Business

Solutions on

Cloud (SaaS)

(8)

Cloud

Enabled

Data Center

(IaaS)

Cloud

Platform

Services

(PaaS)

Cloud

Service

Provider

1

Business

Solutions on

Cloud (SaaS)

(9)

© 2013 IBM Corporation

9

swisstopo: Cloud Computing in the Public Sector

Cloud Enabled Data Center

(IaaS)

Challenge

An efficient way to handle peak loads, which are

triggered by Press Releases

Solution

Infrastructure as a Service (Amazon S3)

Open Source Software Stack

Additional capacity is released immediately

Existing virtualization technology enables a simple

software testing on different platforms

(10)

Cloud

Enabled

Data Center

(IaaS)

Cloud

Platform

Services

(PaaS)

Business

Solutions on

Cloud (SaaS)

Cloud

Service

Provider

(11)

© 2013 IBM Corporation

11

Lucerne Festival: Cloud Based Load Testing and Granularity

Challenge

High peak immediately after the opening ticket sales

(>10 times) resulting in highly variable performance

of the online ticket shop.

Small IT operations team and few resources for

in-house performance testing and resolution of the

existing solution.

Solution

Outsourcing performance testing environment to the

IBM SmartCloud Enterprise. Supports load

simulation of 6000 virtual users and machines.

Business Solutions on

Cloud (SaaS)

(12)

Standards-based. Flexible. Secure. No Vendor Lock-In.

IBM’s Smarter approach to interoperability in the Cloud

participating companies

400

+

50

%

operate outside the IT realm

The Cloud Standards Customer Council’s activities include:

Providing guidance to the

multiple cloud

standards-defining bodies.

Establishing the criteria for

open, standards-based

cloud computing, driven by

customer use cases.

Defining best-practices

and producing case studies,

use cases, requirements,

gap analysis and

recommendations for cloud

standards.

IBM solutions are built on a comprehensive, open reference model for

secure cloud computing

Open Services

for Lifecycle

Collaboration

(13)

© 2013 IBM Corporation

13

Intercloud Storage

Transparent Cloud Storage Gateway

Can be configured to connect to one or more

clouds (public, private, or hybrid), adds

encryption, integrity, and resiliency, it’s

transparent to GPFS and manages keys.

(14)
(15)

© 2013 IBM Corporation

15

The Power of Cloud:

Transforming healthcare with IBM SmartCloud and Watson

“…health care pros make accurate treatment decisions only 50% of the time

(a shocker to me). Watson, once it is trained in a medical specialty, can make

accurate decisions 90% of the time.”

-

Samuel Nussbaum, WellPoint Inc. Chief Medical Officer

Watson, now available via the

cloud to a personal computer,

tablet or smartphone, allowing

more access by more doctors

and hospitals.

Delivering improved

care more quickly

and confidently than

ever before.

Medical knowledge is growing

more quickly than doctors can keep

up with

In the U.S. alone,

up to 15%

of medical

diagnoses are inaccurate or incomplete.

1

Digitized medicine in North America alone

will grow

400% by 2015

Reaching a total of

of data, or

the data in all U.S. libraries combined.

2

14,000 terabytes

7,500 times

(16)

Types of Clouds

Private: Internal IT

(17)

© 2013 IBM Corporation

17

European consortium to prototype an advanced cloud infrastructure

that can deliver a new level of secure, private and resilient computing

and storage that is cost-efficient, simple and scalable using an Italian

hospital and electricity grid in Portugal.

(18)

4 June: IBM to Acquire SoftLayer: Enabling clients to securely mix

and match public and private cloud services

(19)

© 2013 IBM Corporation

Risks of Cloud Computing

19

Compliance

Complying with SOX, HIPAA

and other regulations may

prohibit the use of clouds for

some applications.

Reliability

High availability will be a key concern.

IT departments will worry about a loss

of service should outages occur.

Control

Many companies and governments

are uncomfortable with the idea of

their information located on

systems they do not control.

Security Management

Even the simplest of tasks may be

behind layers of abstraction or

performed by someone else.

Data

Migrating workloads to a shared

network and compute infrastructure

increases the potential for

unauthorized exposure.

Providers must offer a high degree of

security transparency to help

put customers at ease.

Authentication and access

technologies become

increasingly important.

Mission critical applications

may not run in the cloud

without strong availability

guarantees.

Comprehensive auditing

capabilities are essential.

Providers must supply easy controls to

manage security settings for application

(20)

Figure

Updating...

References

Updating...